Download New Updated (July) Isaca CISA Actual Test 691-700

Ensurepass

 

QUESTION 691

A business application system accesses a corporate database using a single ID and password embedded in a program. Which of the following would provide efficient access control over the organization’s data?

 

A.

Introduce a secondary authentication method such as card swipe

B.

Apply role-based permissions within the application system

C.

Have users input the ID and password for each database transaction

D.

Set an expiration period for the database password embedded in the program

 

Correct Answer: B

Explanation:

When a single ID and password are embedded in a program, the best compensating control would be sound access control at the application layer, together with procedures to ensure that access to data is granted based on a user’s role. The issue is user permissions, not authentication; therefore, adding stronger authentication does not improve the situation. Having a user input the ID and password for access would provide a better control because a database log would identify the initiator of the activity. However, this may not be efficient because each transaction would require a separate authentication process. It is good practice to set an expiration date for a password. However, this might not be practical for an ID automatically logged in from the program; often, this type of password is set not to expire.

 

QUESTION 692

To ensure message integrity, confidentiality and non-repudiation between two parties, the MOST effective method would be to create a message digest by applying a cryptographic hashing algorithm against:

 

A.

the entire message, enciphering the message digest using the sender’s private key, enciphering the message with a symmetric key and enciphering the key by using the receiver’s public key.

B.

any part of the message, enciphering the message digest using the sender’s private key, enciphering the message with a symmetric key and enciphering the key using the receiver’s public key.

C.

the entire message, enciphering the message digest using the sender’s private key, enciphering the message with a symmetric key and enciphering both the encrypted message and digest using the receiver’s public key.

D.

the entire message, enciphering the message digest using the sender’s private key and enciphering the message using the receiver’s public key.

 

Correct Answer: A

Explanation:

Applying a cryptographic hashing algorithm against the entire message addresses the message integrity issue. Enciphering the message digest using the sender’s private key addresses non-repudiation. Encrypting the message with a symmetric key, and then enciphering that key using the receiver’s public key, most efficiently addresses the confidentiality of the message as well as the receiver’s non-repudiation. The other choices would address only a portion of the requirements.

 

 

QUESTION 693

Distributed denial-of-service (DDoS) attacks on Internet sites are typically launched by hackers using which of the following?

 

A.

Logic bombs

B.

Phishing

C.

Spyware

D.

Trojan horses

 

Correct Answer: D

Explanation:

Trojan horses are malicious or damaging code hidden within an authorized computer program. Hackers use Trojans to mastermind DDoS attacks that cause many computers to access the same Internet site at the same moment, resulting in overloaded site servers that may no longer be able to process legitimate requests. Logic bombs are programs designed to destroy or modify data at a specific time in the future. Phishing is an attack, normally via e-mail, pretending to be an authorized person or organization requesting information. Spyware is a program that picks up information from PC drives by making copies of their contents.

 

 

QUESTION 694

A perpetrator looking to gain access to and gather information about encrypted data being transmitted over the network would use:

 

A.

eavesdropping.

B.

spoofing.

C.

traffic analysis.

D.

masquerading.

Correct Answer: C

Explanation:

Traffic analysis is a passive attack in which an intruder determines the nature of the traffic flow between defined hosts; through an analysis of session length, frequency and message length, the intruder is able to guess the type of communication taking place. It is typically used when messages are encrypted and eavesdropping would not yield any meaningful results. In eavesdropping, which is also a passive attack, the intruder gathers the information flowing through the network with the intent of acquiring and releasing message contents for personal analysis or for third parties. Spoofing and masquerading are active attacks. In spoofing, a user receives an e-mail that appears to have originated from one source when it actually was sent from another source. In masquerading, the intruder presents an identity other than the original identity.

 

 

QUESTION 695

Users are issued security tokens to be used in combination with a PIN to access the corporate virtual private network (VPN). Regarding the PIN, what is the MOST important rule to be included in a security policy?

 

A.

Users should not leave tokens where they could be stolen

B.

Users must never keep the token in the same bag as their laptop computer

C.

Users should select a PIN that is completely random, with no repeating digits

D.

Users should never write down their PIN

 

Correct Answer: D

Explanation:

If a user writes their PIN on a slip of paper, an individual with the token, the slip of paper and the computer could access the corporate network. A token combined with a PIN is a two-factor authentication method. Access to the token is of no value without the PIN; one cannot work without the other. The PIN does not need to be random as long as it is secret.

 

 

QUESTION 696

Which of the following would provide the BEST protection against the hacking of a computer connected to the Internet?

 

A.

A remote access server

B.

A proxy server

C.

A personal firewall

D.

A password-generating token

 

Correct Answer: C

Explanation:

A personal firewall is the best way to protect against hacking, because it can be defined with rules that describe the type of user or connection that is or is not permitted. A remote access server can be mapped or scanned from the Internet, creating security exposures. Proxy servers can provide protection based on the IP address and ports; however, an individual would need to have in-depth knowledge to do this, and applications can use different ports for the different sections of their program. A password-generating token may help to encrypt the session but does not protect a computer against hacking.


QUESTION 697

Which of the following is the MOST reliable form of single factor personal identification?

 

A.

Smart card

B.

Password

C.

Photo identification

D.

Iris scan

 

Correct Answer: D

Explanation:

Since no two irises are alike, identification and verification can be done with confidence. There is no guarantee that a smart card is being used by the correct person since it can be shared, stolen or lost and found. Passwords can be shared and, if written down, carry the risk of discovery. Photo IDs can be forged or falsified.

 

 

QUESTION 698

Which of the following provides the framework for designing and developing logical access controls?

 

A.

Information systems security policy

B.

Access control lists

C.

Password management

D.

System configuration files

 

Correct Answer: A

Explanation:

The information systems security policy developed and approved by an organization’s top management is the basis upon which logical access control is designed and developed. Access control lists, password management and system configuration files are tools for implementing the access controls.

 

 

QUESTION 699

A penetration test performed as part of evaluating network security:

 

A.

provides assurance that all vulnerabilities are discovered.

B.

should be performed without warning the organization’s management.

C.

exploits the existing vulnerabilities to gain unauthorized access.

D.

would not damage the information assets when performed at network perimeters.

 

Correct Answer: C

Explanation:

Penetration tests are an effective method of identifying real-time risks to an information processing environment. They attempt to break into a live site in order to gain unauthorized access to a system. They do have the potential for damaging information assets or misusing information because they mimic an experienced hacker attacking a live system. On the other hand, penetration tests do not provide assurance that all vulnerabilities are discovered because they are based on a limited number of procedures. Management should provide consent for the test to avoid false alarms to IT personnel or to law enforcement bodies.


QUESTION 700

An IS auditor finds that conference rooms have active network ports. Which of the following is MOST important to ensure?

 

A.

The corporate network is using an intrusion prevention system (IPS)

B.

This part of the network is isolated from the corporate network

C.

A single sign-on has been implemented in the corporate network

D.

Antivirus software is in place to protect the corporate network

 

Correct Answer: B

Explanation:

If the conference rooms have access to the corporate network, unauthorized users may be able to connect to it; therefore, the two networks should be isolated, either via a firewall or by physical separation. An IPS would detect possible attacks, but only after they have occurred. A single sign-on would ease authentication management. Antivirus software would reduce the impact of possible viruses; however, unauthorized users would still be able to access the corporate network, which is the biggest risk.

 
